President Trump issued a cybersecurity Executive Order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity” (Trump EO), along with a corresponding Fact Sheet on June 6, 2025. The Trump EO clears some of the...more
6/16/2025
/ Artificial Intelligence ,
Biden Administration ,
China ,
Cloud Computing ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Executive Orders ,
Federal Contractors ,
FedRAMP ,
Government Agencies ,
Internet of Things ,
National Security ,
National Security Agency (NSA) ,
NIST ,
OMB ,
Popular ,
Regulatory Reform ,
Software ,
Supply Chain ,
Trump Administration
WHAT: Department of Defense (DOD) Secretary Pete Hegseth issued a memorandum titled “Directing Modern Software Acquisition to Maximize Lethality” that is intended to reform DOD’s procurement involving software development....more
Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more
11/22/2024
/ Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
Disclosure Requirements ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Risk Management ,
Software ,
Subcontractors ,
Supply Chain ,
TSA
WHAT: The U.S. Department of Defense (DOD) issued a proposed rule to implement Section 1655(a) and (c) of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019 (Pub. L. 115-232). The proposed rule would...more
11/21/2024
/ Cybersecurity ,
Defense Contracts ,
Department of Defense (DOD) ,
Disclosure Requirements ,
Electronic Data Transmissions ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
National Security ,
NDAA ,
Software ,
Supply Chain
So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more
8/15/2024
/ Compliance ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Federal Acquisition Regulations (FAR) ,
FedRAMP ,
General Services Administration (GSA) ,
Government Agencies ,
Information Technology ,
NIST ,
OMB ,
Software
WHAT: The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published the final version of its Secure Software Development Attestation Common Form (Common Form) and announced...more
WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more
10/12/2023
/ Cloud Computing ,
Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
DFARS ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information Technology ,
Internet of Things ,
Software ,
Subcontractors
On June 9, 2023, the Office of Management and Budget (OMB) issued a guidance memorandum, OMB M-23-16, that extends the timeline for agencies to begin collecting attestations for critical and non-critical software from...more